WeWork's WiFi network is leaking sensitive user information
infosec

WeWork's WiFi network is leaking sensitive user information

WeWork WiFi vulnerabilities in the Manhattan-based company building which exposed sensitive company data, ...
Read More
infosec

Microsoft: The biggest risk for businesses is cyberattacks

According to a survey by Marsh and Microsoft, the biggest threat to businesses is cyberattacks. Nowadays,...
Read More
infosec

How to fix iOS 13 bugs in iPhone Mail app

If you have upgraded to iOS 13, then you may have discovered that the Mail app behaves a bit weird, which is ...
Read More
infosec

Check if your folders have malware with Windows Defender!

Windows comes with a free antivirus program, called Windows Defender, that offers continuous protection as well as the ability to ...
Read More
infosec

TalkTalk hackers have also invaded EtherDelta

US authorities accuse two suspects of hacking EtherDelta (cryptocurrency exchange company) in December ...
Read More
Latest Posts

Pc-Doctor: Vulnerability to Dell Devices, and Not Just, With Firmware of the Manufacturer!

Pc-Doctor: Dell uncovered a new vulnerability that again affects Dell's pre-loaded software support. The flaw, which was discovered by SafeBreach and analyzed in detail by security researcher Peleg Hadar, reveals a high-level violation that would allow anyone hacker remote access to root-level DLLs and import malicious code at the deep system level to capture a system and gain access to the storage of a laptop or desktop computer.

Pc-Doctor

Η vulnerability is named CVE-2019-12280 and it affects it Dell SupportAssist v2 software.0 for business computers and v3.2.1 for personal devices.

After remotely importing a malicious DLL into the system, attackers could benefit from system-level DLLs that have full access to a computer. While SafeBreach has not revealed whether the problem has been abused, said the vulnerability affects devices other than Dell's.

But why do other devices besides Dell be affected;

O the reason is that firmware is manufactured by PC-Doctor, which creates and maintains system maintenance software for many OEMs. As a result, the actual number of affected devices could be much higher and will be around 100 million portable computers and desktops all over the world. This means that any service uses PC-Doctor software with deep-level system access has such a vulnerability and, given its criticality, an update should be released soon.

It is important to note that Dell has recently experienced a similar vulnerability with the software SupportAssist, which allowed them hackers to remotely understand a system and gain root-level access. This, in turn, could allow import of ransomware and other malicious code. Given that Dell is one of the largest OEMs for laptops and computers, the risk can take enormous proportions.

How useful was this post?

Average rating / 5. Vote count:

Share
Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by
Hack Unamatata

About Hack Unamatata

Take great photos, someone is stalking you

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *